Preimages for Step-Reduced SHA-2
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Preimage attacks on reduced steps of ARIRANG and PKC98-hash
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Improved preimage attack for 68-step HAS-160
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
(Second) preimage attacks on step-reduced RIPEMD/RIPEMD-128 with a new local-collision approach
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Meet-in-the-middle preimage attacks on AES hashing modes and an application to whirlpool
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Preimage attacks against PKC98-Hash and HAS-V
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Piccolo: an ultra-lightweight blockcipher
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Improved preimage attack on one-block MD4
Journal of Systems and Software
The first 30 years of cryptographic hash functions and the NIST SHA-3 competition
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Biclique cryptanalysis of the full AES
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Preimage attacks on Full-ARIRANG: analysis of DM-Mode with middle feed-forward
WISA'11 Proceedings of the 12th international conference on Information Security Applications
Three-subset meet-in-the-middle attack on reduced XTEA
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
(Pseudo) preimage attack on round-reduced grøstl hash function and others
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Bicliques for preimages: attacks on skein-512 and the SHA-2 family
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Converting meet-in-the-middle preimage attack into pseudo collision attack: application to SHA-2
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Bicliques for permutations: collision and preimage attacks in stronger settings
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Cryptophia's short combiner for collision-resistant hash functions
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Preimage resistance of several hash functions has already been broken by the meet-in-the-middle attacks and they utilize a property that their message schedules consist of only permutations of message words. It is unclear whether this type of attacks is applicable to a hash function whose message schedule does not consist of permutations of message words. This paper proposes new attacks against reduced SHA-0 and SHA-1 hash functions by analyzing a message schedule that does not consist of permutations but linear combinations of message words. The newly developed cryptanalytic techniques enable the meet-in-the-middle attack to be applied to reduced SHA-0 and SHA-1 hash functions. The attacks find preimages of SHA-0 and SHA-1 in 2156.6 and 2159.3 compression function computations up to 52 and 48 steps, respectively, compared to the brute-force attack, which requires 2160 compression function computations. The previous best attacks find preimages up to 49 and 44 steps, respectively.